EPrints Technical Mailing List Archive

Message: #05157


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] repos with a mix of HTTP and HTTPS


Hi EPrintsers, I have a query about serving a repository with a mix of HTTP and HTTPS.

 

Currently our two repositories have a pretty standard setup: the bulk of the site is served over plaintext HTTP, including untrusted session cookies. Secure/administrative functions are served over HTTPS.

 

We want to reconfigure the server to use HTTPS for the entire site (for various reasons, Google search rankings high amongst them.) However we want to retain the option of plaintext HTTP access so that some less modern external indexers and crawlers can continue to do their thing.

 

I should point out that our primary repository predates EPrints 3.2, and likely includes a bunch of legacy features and obscure customisations, so what I’m describing may be available out of the box with a fresh install but lost to us personally. However if not, does anybody have any experience doing what I’ve described?

 

Do you have any pointers on what to en/disable in config, or what to tweak (and where) to make the entire site HTTPS-by-default while retaining the option for standard HTTP browsing of “insecure” content?

 

Cheers

--

Matthew Kerwin  |  Senior Web Developer  |  Applications & Development Team  |  Library eServices  |  Queensland University of Technology  |  Level 3, R Block, Kelvin Grove  |  matthew.kerwin@qut.edu.au  |  CRICOS No 00213J

 

Attachment: smime.p7s
Description: S/MIME cryptographic signature